From 39ecb13cc2e60fb48bf1929bbdbbd30f1a10432c Mon Sep 17 00:00:00 2001 From: Sandro Date: Sat, 9 Dec 2023 23:55:00 +0100 Subject: [PATCH] Complain if the env set in SecretEnv cannot be found Signed-off-by: Sandro --- cmd/dex/config.go | 3 +++ cmd/dex/serve.go | 12 ++++++++++-- 2 files changed, 13 insertions(+), 2 deletions(-) diff --git a/cmd/dex/config.go b/cmd/dex/config.go index 831156fd..29581620 100644 --- a/cmd/dex/config.go +++ b/cmd/dex/config.go @@ -103,6 +103,9 @@ func (p *password) UnmarshalJSON(b []byte) error { }) if len(data.Hash) == 0 && len(data.HashFromEnv) > 0 { data.Hash = os.Getenv(data.HashFromEnv) + if data.Hash == "" { + return fmt.Errorf("invalid config: could not find HashFromEnv %q", data.HashFromEnv) + } } if len(data.Hash) == 0 { return fmt.Errorf("no password hash provided") diff --git a/cmd/dex/serve.go b/cmd/dex/serve.go index 47b090ae..5451beac 100644 --- a/cmd/dex/serve.go +++ b/cmd/dex/serve.go @@ -188,7 +188,11 @@ func runServe(options serveOptions) error { if client.ID != "" { return fmt.Errorf("invalid config: ID and IDEnv fields are exclusive for client %q", client.ID) } - c.StaticClients[i].ID = os.Getenv(client.IDEnv) + id := os.Getenv(client.IDEnv) + if id == "" { + return fmt.Errorf("invalid config: could not find IDEnv %q", id) + } + c.StaticClients[i].ID = id } if client.Secret == "" && client.SecretEnv == "" && !client.Public { return fmt.Errorf("invalid config: Secret or SecretEnv field is required for client %q", client.ID) @@ -197,7 +201,11 @@ func runServe(options serveOptions) error { if client.Secret != "" { return fmt.Errorf("invalid config: Secret and SecretEnv fields are exclusive for client %q", client.ID) } - c.StaticClients[i].Secret = os.Getenv(client.SecretEnv) + secret := os.Getenv(client.SecretEnv) + if secret == "" { + return fmt.Errorf("invalid config: could not find SecretEnv %q", client.SecretEnv) + } + c.StaticClients[i].Secret = secret } logger.Infof("config static client: %s", client.Name) }